README.md

Stash - Team secret management made simple

Stash is a graphical password and secret storage and management tool designed for collaboration, security and ease-of-use.

It features full end-to-end encryption and does not require a server component, giving you full control over who is able to access your secrets.

Stash will always be fully open-source without any subscriptions, "premium" features or hidden gotchas. You are free to use Stash in any environment, including commercially, as long as you respect the GPL license.

Features

Desktop application for Windows/Linux/Mac

Asymmetric end-to-end encryption using RSA and AES256

No server component required, secrets are stored and versioned by a simple git repository

Official Arch Linux packages are available in AUR named stash-electron and stash-electron-git.

Development snapshots are available for all platforms by installing the stash-electron-git package or downloading from the snapshots repository:

Getting started

Stash requires a git repository to store its data. It is highly recommended to use a private, password-protected repository. All data is encrypted, the server owner will never get access to your secrets. Some free choices:

After creating the git repo, run Stash and navigate to the Settings page.

Clone your repository to an empty folder by clicking Add, then selecting the Clone option.

Configure your private key by clicking the highlighted Account status icon in the top right corner. You may either load an existing private key (e.g. SSH key, all formats incl. Putty supported), or generate a new key by clicking the button. You should always password-protect your private key.⚠️ Your private key is your access pass to your secrets. If you lose your key, you lose access to all your secrets, and there is no way of recovery. So keep your key safe and secure, back it up and never share it with anyone!

Add yourself to the list of known users on the Users page (add user -> use my key). All users and public keys must be known to Stash. Do not forget to save your changes.

Open the Browser page and initialize the repository permissions by authorizing yourself on the root folder: Right-click on the root folder, select Permissions, toggle your user and confirm with Save.

Your repository is now fully set up and ready for you to start creating folders and secrets!

Every change you make automatically creates a git commit. Use the flashing icon in the top right to push/share your changes.

Development

Stash is a Node.js/React application running on Electron. To start development, you will need a recent Node.js/npm installation.